Re: IE patches killed internet connection

I do enable & use Automatic Updates to make certain
your machine is always fully patched. Something odd seems to have happened
on OCT 12 - I thought that I had downloaded 896688, but something failed,
because that security patch is not on my machine.

Would a list of all the patches be helpful? And how dangerous is it to
uninstall security patches?

I have cleaned the machine as I described in posting my log, which is the
state of the machine right now, and I will install the 4 security patches
that are pending in Automatic updates.





"PA Bear" wrote:

> NB: WinXP SP2 is considered a Critical Security Update (your "security
> patch")...but I wouldn't install it just yet. See below.
>
> Running WinXP SP1, I would advise you to install all nine (9) of the Oct-05
> updates. Though only three (3) are considered critical (MS05-050, MS05-051,
> MS05-052), the others address important security vulnerabilities, Ellen.
>
> Furthermore, I suggest you enable & use Automatic Updates to make certain
> your machine is always fully patched:
>
> How to configure and use Automatic Updates in Windows XP:
> http://support.microsoft.com/?kbid=306525
>
> Now, back to your problems. If uninstalling 'Security Update for Windows
> XP - 896688' via Add/Remove Programs & rebooting does fix your problem, I
> would suspect that the Malicious Software Removal Tool (your "patch for
> removing bad software") removed some "hijackware" and either some "bad guys"
> remain or the removed "bad guys" broke something. You need to check for
> more "hijackware":
>
> Checking for/Help with Hijackware
> http://aumha.org/a/parasite.htm
> http://aumha.org/a/quickfix.htm
> http://aumha.net/viewtopic.php?t=5878
> http://mvps.org/winhelp2002/unwanted.htm
> http://inetexplorer.mvps.org/data/prevention.htm
> http://inetexplorer.mvps.org/archive/tshoot.html
> http://www.mvps.org/sramesh2k/Malware_Defence.htm
> http://defendingyourmachine.blogspot.com/
>
> When all else fails, HijackThis v1.99.1
> (http://aumha.net/downloads/hijackthis.zip) is the preferred tool to use.
> It will help you to both identify and remove any hijackware/spyware. **Post
> your log to http://forums.spywareinfo.com/,
> http://castlecops.com/forum67.html or http://aumha.net/viewforum.php?f=30
> (where I'm a moderator) for expert analysis, not here.**
>
> Once everything's hunky-dory (and I want the opinion of a HijackThis log
> expert before assuming so), then you should immediately go to Windows Update
> and install WinXP SP2. After reboot, return to Windows Update and install
> all critical updates offered you.
> --
> ~Robear Dyer (PA Bear)
> MS MVP-Windows (IE/OE, Security, Shell/User)
>
>
> EllenB wrote:
> > Thanks, and I should have said XP Home, SP1, all urgent security patches
> > applies. IE 6.0, regularly updated. Cable modem. Now have Firefox so I can
> > reach this group.
> >
> > Looked at prior posts, but I don't have tge same KB numbers that have been
> > reported previously as being trouble.
> >
> > I downloaded the patch for handling bad software, and one other, as well
> > as
> > the cumulative patch. Did not download the patch involveing French
> > language.
> > Will never download again wo making a screen clip first.
> >
> > Thought of uninstalling patches with high KB numbers, but was put off by
> > the
> > nunber of programs said to be affected. Could use advice , here, too.
> >
> > Many thanks.
> >
> > "PA Bear" wrote:
> >
> >> Windows version? Is MS05-052 the only patch you installed?
> >> --
> >> ~Robear Dyer (PA Bear)
> >> MS MVP-Windows (IE/OE, Security, Shell/User)
> >>
> >> EllenB wrote:
> >>> This morning I installed the cumulative security patch for IE 6 I can no
> >>> longer reach the Internet. Fortunately I still have mail because my mail
> >>> client is Eudora. Would appreciate help. Am at work now, will pick up
> >>> mail
> >>> when I get home.
> >>>
> >>> The dignostic was "page not found"
>
>
.

Relevant Pages

  • RE: Releasing patches is bad for security
    ... The new patch model for longhorn will not require reboots. ... functionality over security. ... Current patches are getting smaller as with large enterprises bandwidth can ... > MS posted a patch and some 300ish days later the worm hit. ...
    (Incidents)
  • RE: Releasing patches is bad for security
    ... posted a patch and some 300ish days later the worm hit. ... The problem then is how to release patches ... specifically focused on finding security flaws in all of their software. ... Releasing patches is bad for security ...
    (Incidents)
  • Re: [Full-Disclosure] Gates: You dont need perfect code for good security
    ... the blaster worm preceded the patch so this argument is DOA ... you do not have to pay for RHN to get redhat patches. ... I run Astaro Security Linux here at the house..blaster ...
    (Full-Disclosure)
  • Re: [Full-Disclosure] DCOM RPC exploit (dcom.c)
    ... But you'd still patch either way, ... of home users who don't even know what a security patch *IS*, ... But how many organisations firewall off internal servers from ... administrators have the time to watch the IDS given the number of patches they ...
    (Full-Disclosure)
  • Re: [Full-Disclosure] Re: Re: <to various comments>EEYE: Microsoft ASN.1 ...
    ... My personal prejudice is that I subscribe to the school of "security by ... I said why release them all on day 0 of the patch release. ... We use the details to create signatures for our vulnerability ... >>these signatures and use them to check for patches or to protect systems ...
    (Full-Disclosure)